fixed error message if there's no email address found in the server
+2
-66
@@ -87,70 +87,6 @@ func generateRandomState() string {
|
||||
return fmt.Sprintf("%x", b)
|
||||
}
|
||||
|
||||
// checkUserAuthorization calls the authorization microservice to verify user permissions
|
||||
func checkUserAuthorization(userID, accessToken string) (bool, error) {
|
||||
if AuthorizationURL == "" {
|
||||
helper.LogWarn("AUTHORIZATION_URL not configured, skipping authorization check")
|
||||
return false, nil // Allow access if authorization service is not configured
|
||||
}
|
||||
|
||||
// Prepare request to authorization microservice
|
||||
authCheckURL := fmt.Sprintf("%s", AuthorizationURL)
|
||||
|
||||
reqBody := map[string]string{
|
||||
"user_id": userID,
|
||||
"resource": "dashboard",
|
||||
"action": "view",
|
||||
}
|
||||
|
||||
jsonData, err := json.Marshal(reqBody)
|
||||
if err != nil {
|
||||
helper.LogError(err, "Failed to marshal authorization request")
|
||||
return false, err
|
||||
}
|
||||
|
||||
req, err := http.NewRequest("POST", authCheckURL, strings.NewReader(string(jsonData)))
|
||||
if err != nil {
|
||||
helper.LogError(err, "Failed to create authorization request")
|
||||
return false, err
|
||||
}
|
||||
|
||||
log.Print("JSON Data Sent to AuthZ Service: ", string(jsonData))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req.Header.Set("Authorization", "Bearer "+accessToken)
|
||||
|
||||
client := &http.Client{Timeout: 5 * time.Second}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
helper.LogError(err, "Failed to call authorization microservice")
|
||||
return false, err
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
// Read the response body first for logging
|
||||
bodyBytes, err := io.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
helper.LogError(err, "Failed to read authorization response body")
|
||||
return false, err
|
||||
}
|
||||
|
||||
log.Printf("AUTHZ RAW RESPONSE Status: %d, Body: %s", resp.StatusCode, string(bodyBytes))
|
||||
|
||||
// Parse response
|
||||
var authResp models.AuthorizationResponse
|
||||
if err := json.Unmarshal(bodyBytes, &authResp); err != nil {
|
||||
helper.LogError(err, "Failed to decode authorization response")
|
||||
log.Printf("Failed to unmarshal response body: %s", string(bodyBytes))
|
||||
return false, err
|
||||
}
|
||||
|
||||
log.Printf("AUTHZ RESPONSE for user %s: %+v", userID, authResp)
|
||||
helper.LogInfo(fmt.Sprintf("Authorization check for user %s: allowed=%v, redirect=%s, message=%s",
|
||||
userID, authResp.Allowed, authResp.RedirectRoute, authResp.Message))
|
||||
|
||||
return authResp.Allowed, nil
|
||||
}
|
||||
|
||||
func GoogleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
helper.LogInfo(fmt.Sprintf("Generated oauth_state: %s", oauthStateString))
|
||||
@@ -241,7 +177,7 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
if !emailExists {
|
||||
helper.LogError(errors.New("email not found"), "Email not registered: "+email)
|
||||
helper.RespondWithError(w, http.StatusUnauthorized, "Email not registered. Please contact the administrator.")
|
||||
helper.RespondWithError(w, http.StatusUnauthorized, "Please contact your administrator to request access.")
|
||||
return
|
||||
}
|
||||
|
||||
@@ -285,7 +221,7 @@ func GoogleCallback(w http.ResponseWriter, r *http.Request) {
|
||||
cookieConfig.Domain, cookieConfig.Secure, cookieConfig.HttpOnly, cookieConfig.SameSite))
|
||||
|
||||
if !emailExists {
|
||||
helper.RespondWithError(w, http.StatusUnauthorized, "Email not registered. Please contact the administrator.")
|
||||
helper.RespondWithError(w, http.StatusUnauthorized, "Please contact your administrator to request access.")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
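Review bot: The `if !emailExists` rejection appears twice in GoogleCallback, once in the hunk at new line 177 and again in the hunk at new line 221, and this commit had to edit the same response string in both places. If the first block returns, the second is unreachable unless emailExists is reassigned in between, which these hunks do not show because the function body extends beyond them; if it can be reached, the rejection would come after the cookie settings logged just above it, which is worth confirming. I would keep a single check placed before any session or cookie work and hold the text in one constant, e.g. `const msgAccessDenied = "Please contact your administrator to request access."`. Separately, the context line `helper.LogInfo(fmt.Sprintf("Generated oauth_state: %s", oauthStateString))` in GoogleLogin writes the OAuth state value to the log; logging only that a state was generated keeps that anti-CSRF value out of log storage.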